Logstash 1.5.4 and 1.4.5 released

We are announcing the release of Logstash 1.5.4 and 1.4.5, which fix important security issues. We recommend upgrading immediately if you are using either of the following features:

Logstash Forwarder: After the release of 1.5.3, users encountered an issue where Logstash Forwarder was unable to communicate with the Logstash instance because of SSL/TLS certificate validation errors. This has been fixed.

Lumberjack output: Typically used to connect two Logstash instances. In such deployments, one Logstash instance collects logs from a web server and securely transmits them to a central Logstash instance, which performs additional filtering and storage.

Security Fixes

When using SSL/TLS functionality, Lumberjack output from Logstash 1.5.3 and prior versions did not validate the certificate presented by the Logstash instance acting as a server. This exposes a man-in-the-middle vulnerability.

Note: Users of Logstash Forwarder are not affected by this particular vulnerability.
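
To illustrate what validating the server's certificate means on the client side, here is an added example (not Logstash's own code and not part of the original announcement). It assumes the client trusts a single configured certificate; the helper names, the host name and the in-memory certificates are constructed for the illustration.

```ruby
require "openssl"

# Build a self-signed certificate in memory (constructed sample data, not a real key).
def self_signed_cert(common_name)
  key = OpenSSL::PKey::RSA.new(2048)
  cert = OpenSSL::X509::Certificate.new
  cert.version = 2 # X.509 v3
  cert.serial = rand(1..2**32)
  cert.subject = cert.issuer = OpenSSL::X509::Name.parse("/CN=#{common_name}")
  cert.public_key = key.public_key
  cert.not_before = Time.now - 60
  cert.not_after = Time.now + 3600
  cert.sign(key, OpenSSL::Digest.new("SHA256"))
  cert
end

# Trust store holding only the certificate the operator configured for the server.
def pinned_store(trusted_cert)
  store = OpenSSL::X509::Store.new
  store.add_cert(trusted_cert)
  store
end

# The check a validating client performs on the certificate the peer presents.
def peer_trusted?(trusted_cert, presented_cert)
  pinned_store(trusted_cert).verify(presented_cert)
end

# TLS client context that enforces the same check during the handshake:
# with VERIFY_PEER the handshake fails when the peer's certificate is not trusted.
def validating_context(trusted_cert)
  ctx = OpenSSL::SSL::SSLContext.new
  ctx.verify_mode = OpenSSL::SSL::VERIFY_PEER
  ctx.cert_store = pinned_store(trusted_cert)
  ctx
end

if __FILE__ == $PROGRAM_NAME
  # Same subject name, different key pair: the name alone must not be enough.
  central  = self_signed_cert("logstash-central.example")
  impostor = self_signed_cert("logstash-central.example")
  puts "configured certificate accepted: #{peer_trusted?(central, central)}"
  puts "unknown certificate accepted:    #{peer_trusted?(central, impostor)}"
end
```

A client that skips this check completes the handshake with either certificate, which is the condition the fix removes.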

Enhancements

Elasticsearch Output: Added the ability to update existing ES documents and support for upsert: if the document doesn't exist, create it (#116). Thanks to David Chauviere for contributing this enhancement!

Lumberjack input: Fixed a scenario where Logstash Forwarder could lose events when dealing with congestion from downstream plugins. We were incorrectly calculating the window size of the payload in the acknowledgement stage. (#3691)